<?php

    // Created By : Noan Babao
    // B.S. Computer Science - De La Salle Canlubang
    // October 27,2011
    //NOT IN parameters : documentType , documentName documentId , location
    //NOT OUT parameters : List of Attachments.

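// Start - Checker for those users who will just go to the page by typing directly in the url.
//
// Account-creation endpoint. Reads the registration fields from the POST body,
// inserts one row into Account, looks the new row up by username to get its
// userId, then inserts one Account_Dept_Pos row per submitted position.
// Prints json 1 when the account row was found after the insert, json 0 otherwise.
//
// NOTE(review): the only gate visible in this file is "the request has a POST
// body". No session, role or CSRF-token check appears here; confirm that account
// creation is restricted elsewhere, because as written any client that can POST
// to this script creates an 'Active' account.
if ($_POST) {
    // INCLUDES CONFIGURATION VARIABLES FOR DATABASE ACCESS
    // NOTE(review): database credentials are hard-coded in a web-served source
    // file. Move them to configuration outside the document root (or the
    // environment) and rotate this password, since it has been stored in source.
    $hostName = "localhost";
    $rootName = "dbasegr";
    $dBasePassword = "dbgr2012";
    $dBaseName = 'greenroute';

    // CONNECT TO DATABASE
    // NOTE(review): the mysql_* API used throughout was removed in PHP 7.0.
    // Migrating to mysqli or PDO with prepared statements is the durable fix;
    // the escaping below is the strongest mitigation available inside this API.
    $connect = mysql_connect($hostName, $rootName, $dBasePassword) or die ('Unable to connect!');
    mysql_select_db($dBaseName) or die ('Unable to select database!');

    // Read every expected field defensively: a missing key or a non-string value
    // (e.g. username[]=x) becomes '' instead of raising a notice or the text "Array".
    $fieldNames = array(
        'username', 'password', 'firstName', 'middleName', 'lastName',
        'position', 'secretQuestion', 'secretAnswer',
    );
    $raw = array();
    $sql = array();
    foreach ($fieldNames as $fieldName) {
        $value = (isset($_POST[$fieldName]) && is_string($_POST[$fieldName])) ? $_POST[$fieldName] : '';
        $raw[$fieldName] = $value;
        // Every value below is placed inside a single-quoted SQL literal, so it
        // must be escaped against the connection. Escaping is charset-dependent;
        // NOTE(review): confirm the connection charset is set with mysql_set_charset().
        $sql[$fieldName] = mysql_real_escape_string($value, $connect);
    }

    // The client appears to send positions as a comma-terminated list ("a,b,"),
    // which is why the loop further down stops one element early.
    $position = explode(",", $raw['position']);

    if ($raw['username'] === '' || $raw['password'] === '') {
        // Refuse to create an active account with a blank username or password.
        echo json_encode(0);
    }
    else {
        //Query Insert to Account
        // NOTE(review): password and secretAnswer are stored exactly as received
        // (plaintext). They should be hashed (password_hash(), PHP >= 5.5), but
        // that must be changed together with the login/recovery code that reads
        // these columns, which is not visible here, so storage is left unchanged.
        $queryAccount =
            "
                INSERT into Account(username,password,firstName,middleName,lastName,status,secretQuestion,secretAnswer,accountLastUpdated)
                values('{$sql['username']}', '{$sql['password']}' , '{$sql['firstName']}', '{$sql['middleName']}','{$sql['lastName']}','Active', '{$sql['secretQuestion']}','{$sql['secretAnswer']}' , NULL)
            ";

        //Query Get userId
        // NOTE(review): if usernames are not unique this returns several rows and
        // the last one wins; a UNIQUE constraint on Account.username is assumed.
        $queryUserId =
            "
                SELECT *
                FROM Account
                WHERE username = '{$sql['username']}'
            ";

        // NOTE(review): the die() calls send mysql_error() to the client, which
        // discloses schema details. Prefer error_log() plus a generic response.
        mysql_query($queryAccount) or die ('Error in query: $queryAccount. ' . mysql_error());

        $result = mysql_query($queryUserId) or die ('Error in query: $queryUserId. ' . mysql_error());
        if (mysql_num_rows($result) > 0) {
            while ($row = mysql_fetch_array($result)) {
                $userId = $row['userId'];
            }

            // Values read back from the database are escaped as well before reuse.
            $userIdSql = mysql_real_escape_string($userId, $connect);

            // Deliberately skips the final element (see the note on $position above).
            for ($x = 0; $x < count($position) - 1; $x++) {
                $positionSql = mysql_real_escape_string($position[$x], $connect);
                $addAccountDeptPos = "
                                        Insert Into Account_Dept_Pos
                                        values('$userIdSql','$positionSql','Active');
                                     ";
                mysql_query($addAccountDeptPos) or die ('Error in query: $addAccountDeptPos. ' . mysql_error());
            }
            echo json_encode(1);
        }
        else {
            echo json_encode(0);
        }
    }

    mysql_close($connect);
}   // End - Checker for those users who will just go to the page by typing directly in the url.
else {
    // NOTE(review): nothing in this file records or reports the request, despite the message.
    echo "You are not authorized to view this page. This incident will be reported immediately.";
}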
?>
